The workflow in many company I have been is that we have multiple environment (dev, qa/uat, prod). We use web.config, web.uat.config and transformation to generate the appropriate config.
password, db connection strings for DB and the like for dev/uat are in TFS.
However the prod credential are in more secret secure location. I.e. not in version control system

The secret API is for secret on each developer platform! (basically it suggest that 1 we shouldn't use TFS/Git) to share system configuration and then.. on top of that we can't setup and use secret on the prod machine! which is the whole point of the exercise!!

Utterly confused

To summarise, it feels to me like they tried to bamboozle me with this secret thing but it's utterly useless. Keep things as before. Config in web.config or appsettings.json to be more fancy and new. And a special setting file with prod that you restore after each prod deploy.

At the end of the day you have to have the password written somewhere...
What they say is that do not store it in the config file, as it may - even accidentally - pass from development to production...
The idea is to store the sensitive data in files that never will be part of the deployment (except if you are publishing your sins too ) - in this case the project file, which shared between developers but never goes public... (and yes - the project file stored in some GIT/TFS)

"The only place where Success comes before Work is in the dictionary." Vidal Sassoon, 1928 - 2012

The secret API is for secret on each developer platform! (basically it suggest that 1 we shouldn't use TFS/Git) to share system configuration and then.. on top of that we can't setup and use secret on the prod machine! which is the whole point of the exercise!!

On the same page;

"Production secrets shouldn't be used for development or test. You can store and protect Azure test and production secrets with the Azure Key Vault configuration provider."

..and;

"The Secret Manager tool doesn't encrypt the stored secrets and shouldn't be treated as a trusted store. It's for development purposes only. The keys and values are stored in a JSON configuration file in the user profile directory."

Super Lloyd wrote:

To summarise, it feels to me like they tried to bamboozle me with this secret thing but it's utterly useless.

It works differently from what you expected, which means it may not be intended to but may be there for some other purpose.

Bastard Programmer from Hell If you can't read my code, try converting it here[^]
"If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.

Since past few days, the powershell script is not working, it does a simple thing of moving files from one location to another location within same server. One location on E drive to another location on E drive.

I had a look at the event viewer - application logs, for any errors - I also manually copied a file to location, to see if there was any space or permissions issues all of a sudden. Is there any other location I can look for errors?

not talking about a responsive grid here, where images are fully separated from each other & fixed in their own block...but rather a typical photo collage, similar to magazine page design, where images *overlap* each other. Is this possible, in bootstrap (or any other form that can be incorporated into a bootstrap site)...???

It's possible but you won't be using Bootstrap features to accomplish this. You're going to have to apply css to rotate images (I'd normally use scss with a mixin to give a random(ish) rotation to the image to accomplish this but you could use JavaScript as well).